adding TOFU/POP to GnuPG

Werner Koch wk at
Mon Mar 17 11:50:02 CET 2014

On Fri, 14 Mar 2014 22:54, rjh at said:

> sign) it.  The goal here was to make email encryption completely
> invisible to the end-user.  I personally found the proxy to be touchy,
> but in the main it worked well.

We experimented with that in the past (e.g. the Windows proxy GPGrelay)
but it turned out that you often run into problems with that because the
integration in the MUA is not really provided.  Another drawback is that
it does not work with systems like Notes or Outlook/Exchange.  The funny
thing is that those two MUA are also the most troublesome with
integrating direct support.  Thus in the end there is not much use for
it.  Sure, the PGP Universal Server has an advantage for their business.

> (I don't know much about GnuPG's STEED project: it's possible it works
> in much the same way.)

It is just an idea for now but it is based on the experience of adding
OpenPGP support to almost all MUAs.  By building upon this work we can
easily add the required support to make crypto invisible most of the

It is also possible to provide a dedicated MUA for all 3 major OSes
which should satisfy the need for most users (see



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list